Overview

overview

10

Static

static

f7b30f3e9f...75.exe

windows7_x64

10

f7b30f3e9f...75.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f7b30f3e9fed400c3a29ea0f5474699c728c802af2fd85869e22b79b1c98ba75

  • Size

    264KB

  • Sample

    210504-4v84srjgvx

  • MD5

    fd50bf818c0f934069bb7996577566f5

  • SHA1

    756b05d5b66c3ef0cfa2296ccea8dcc8958d7b85

  • SHA256

    f7b30f3e9fed400c3a29ea0f5474699c728c802af2fd85869e22b79b1c98ba75

  • SHA512

    45fb717b2cc5f3bab288a543580349fc85457dd6c28a8eb7505b9e9a45f0ff2879fe5637afc3f2c04ed97e81b2d7152a6720d48f9fa5a11bd0b29da58a7ba71e

Score
10/10
xmrigminerpersistence

Malware Config

Targets

    • Target

      f7b30f3e9fed400c3a29ea0f5474699c728c802af2fd85869e22b79b1c98ba75

    • Size

      264KB

    • MD5

      fd50bf818c0f934069bb7996577566f5

    • SHA1

      756b05d5b66c3ef0cfa2296ccea8dcc8958d7b85

    • SHA256

      f7b30f3e9fed400c3a29ea0f5474699c728c802af2fd85869e22b79b1c98ba75

    • SHA512

      45fb717b2cc5f3bab288a543580349fc85457dd6c28a8eb7505b9e9a45f0ff2879fe5637afc3f2c04ed97e81b2d7152a6720d48f9fa5a11bd0b29da58a7ba71e

    Score
    10/10
    xmrigminerpersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks